Heap-Based Buffer Overflow in Novell iPrint Client from Novell
CVE-2011-1701

Currently unrated

Key Information:

Vendor: Novell
Status: Iprint
Vendor: CVE Published:; 9 June 2011

Summary

The Novell iPrint Client contains a heap-based buffer overflow vulnerability within nipplib.dll. This vulnerability is primarily due to improper handling of the profile-name parameter in a crafted printer-url, which can be exploited by remote attackers. Successful exploitation may allow attackers to execute arbitrary code on the affected system, leading to potentially severe consequences such as unauthorized access and system compromise.

References

http://www.securitytracker.com/id?1025606

vdb-entryx_refsource_SECTRACK

http://download.novell.com/Download?buildid=6_bNby38ERg~

x_refsource_CONFIRM

http://secunia.com/advisories/44811

third-party-advisoryx_refsource_SECUNIA

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 9, 2011
Vulnerability Reserved
Apr 15, 2011